keystone/releasenotes/notes/bug-1641645-516709f9da3de26f.yaml
Steve Martinelli 5e2cc88ce7 clean up release notes for ocata
Change-Id: I9f4d47518f1a1ab184d6cefb2b251aaad38e113a
2017-01-27 14:36:54 +00:00

10 lines
447 B
YAML

---
features:
- |
[`bug 1641645 <https://bugs.launchpad.net/keystone/+bug/1641645>`_]
RBAC protection was removed from the `Self-service change user password` API
(``/v3/user/$user_id/password``), meaning, a user can now change their password
without a token specified in the ``X-Auth-Token`` header. This change will
allow a user, with an expired password, to update their password without the
need of an administrator.